Merge "Cert-Alarm token caching + other"

2021-10-15 13:23:50 +00:00 · 2021-10-15 13:23:50 +00:00 · 2f5fca74bb
parent 4506b957ac 5c42dde784
commit 2f5fca74bb
3 changed files with 12 additions and 14 deletions
--- a/sysinv/sysinv/sysinv/sysinv/cert_alarm/audit.py
+++ b/sysinv/sysinv/sysinv/sysinv/cert_alarm/audit.py
@ -201,12 +201,12 @@ class CertAlarmAudit(object):
            self.clear_expiring_soon(cert_name)
            self.clear_expired(cert_name)
        else:
-            if days_to_expiry > 0:
-                self.raise_expiring_soon(cert_name)
-            else:
+            if days_to_expiry < 0:
                # Expired. Clear expiring-soon & raise expired
                self.clear_expiring_soon(cert_name)
                self.raise_expired(cert_name)
+            else:
+                self.raise_expiring_soon(cert_name)

    def raise_expiring_soon(self, cert_name):
        self.fm_obj.set_fault(cert_name,
--- a/sysinv/sysinv/sysinv/sysinv/cert_alarm/fm.py
+++ b/sysinv/sysinv/sysinv/sysinv/cert_alarm/fm.py
@ -185,7 +185,7 @@ class FaultApiMgr(object):
                            (cert_name, expired_flag, state))
                    self.fm_api.clear_fault(alrm_id, entity_inst_id)
        except Exception as e:
-            LOG.warn(e)
+            LOG.exception(e)

    def get_faults(self, expired_flag):
        alrm_id = fm_constants.FM_ALARM_ID_CERT_EXPIRED if expired_flag \
@ -194,7 +194,7 @@ class FaultApiMgr(object):
        try:
            alarms = self.fm_api.get_faults_by_id(alrm_id)
        except Exception as e:
-            LOG.warn(e)
+            LOG.exception(e)
        return alarms

    def collect_all_cert_alarms(self):
--- a/sysinv/sysinv/sysinv/sysinv/cert_alarm/utils.py
+++ b/sysinv/sysinv/sysinv/sysinv/cert_alarm/utils.py
@ -65,6 +65,8 @@ CERT_SNAPSHOT is a dict of dict. Each entry is per certificate.
 }
 """

+TOKEN_CACHE = certmon_utils.TokenCache('internal')
+

 def get_cert_expiration_date(cert):
    """
@ -217,7 +219,7 @@ def get_annotation_data(secretobj):
                if SNAPSHOT_KEY_RENEW_BEFORE in certobj[SPEC]:
                    mode_metadata[SNAPSHOT_KEY_RENEW_BEFORE] = certobj[SPEC][SNAPSHOT_KEY_RENEW_BEFORE]

-                certobj_annotation = certobj[METADATA][ANNOTATIONS]
+                certobj_annotation = certobj[METADATA].get(ANNOTATIONS)
                annotation_dict, patch_needed = process_annotation_data(certobj_annotation)
                if patch_needed is True:
                    # Update the annotation
@ -336,16 +338,12 @@ def get_file_mode_metadata(certname, file_loc):

 def get_cert_uuid(certname):
    ret = 'unknown'
-    token = certmon_utils._get_token(
-        CONF.keystone_authtoken.auth_url + '/v3/auth/tokens',
-        CONF.keystone_authtoken.project_name,
-        CONF.keystone_authtoken.username,
-        CONF.keystone_authtoken.password,
-        CONF.keystone_authtoken.user_domain_name,
-        CONF.keystone_authtoken.project_domain_name,
-        CONF.keystone_authtoken.region_name)
+
+    global TOKEN_CACHE
+    token = TOKEN_CACHE.get_token()

    if token is None:
+        LOG.error('Error in retrieving token. Cannot process cert %s' % certname)
        return ret

    service_type = 'platform'